RewriteEngine On

RewriteCond %{HTTPS} off
RewriteRule ^(.*)$ https://%{HTTP_HOST}%{REQUEST_URI} [L,R=301]

# redirect to public page
<IfModule mod_rewrite.c>
  RewriteEngine On
  RewriteCond %{REQUEST_URI} !^public$
  RewriteCond %{REQUEST_URI} !^/.well-known/acme-challenge [NC]
  RewriteRule "^(.*)$" "/public/" [R=301,L]
</IfModule>

# disable directory browsing
# For security reasons, Option all cannot be overridden.
Options +SymLinksIfOwnerMatch -Indexes

# prevent folder listing
IndexIgnore *

<IfModule mod_headers.c>
  Header always set X-Frame-Options "SAMEORIGIN"
</Ifmodule>

# Apache 2.4
<IfModule authz_core_module>
  # secure htaccess file
  <Files .htaccess>
    Require all denied
  </Files>

  # prevent access to PHP error log
  <Files error_log>
    Require all denied
  </Files>

  # prevent access to LICENSE
  <Files LICENSE>
    Require all denied
  </Files>

  # prevent access to csv, txt and md files
  <FilesMatch "\.(csv|txt|md|yml|json|lock)$">
    Require all denied
  </FilesMatch>
</IfModule>

# Apache 2.2
<IfModule !authz_core_module>
  # secure htaccess file
  <Files .htaccess>
    Order allow,deny
    Deny from all
    Satisfy all
  </Files>

  # prevent access to PHP error log
  <Files error_log>
    Order allow,deny
    Deny from all
    Satisfy all
  </Files>

  # prevent access to LICENSE
  <Files LICENSE>
    Order allow,deny
    Deny from all
    Satisfy all
  </Files>

  # prevent access to csv, txt and md files
  <FilesMatch "\.(csv|txt|md|yml|json|lock)$">
    Order allow,deny
    Deny from all
    Satisfy all
  </FilesMatch>
</IfModule>

# BEGIN cPanel-generated php ini directives, do not edit
# Manual editing of this file may result in unexpected behavior.
# To make changes to this file, use the cPanel MultiPHP INI Editor (Home >> Software >> MultiPHP INI Editor)
# For more information, read our documentation (https://go.cpanel.net/EA4ModifyINI)
<IfModule php7_module>
   php_flag display_errors Off
   php_value max_execution_time 300
   php_value max_input_time 600
   php_value max_input_vars 5000
   php_value memory_limit 256M
   php_value post_max_size 80M
   php_value session.gc_maxlifetime 1440
   php_value session.save_path "/var/cpanel/php/sessions/ea-php74"
   php_value upload_max_filesize 320M
   php_flag zlib.output_compression Off
</IfModule>
<IfModule lsapi_module>
   php_flag display_errors Off
   php_value max_execution_time 300
   php_value max_input_time 600
   php_value max_input_vars 5000
   php_value memory_limit 256M
   php_value post_max_size 80M
   php_value session.gc_maxlifetime 1440
   php_value session.save_path "/var/cpanel/php/sessions/ea-php74"
   php_value upload_max_filesize 320M
   php_flag zlib.output_compression Off
</IfModule>
# END cPanel-generated php ini directives, do not edit

# php -- BEGIN cPanel-generated handler, do not edit
# Set the “ea-php74” package as the default “PHP” programming language.
<IfModule mime_module>
  AddHandler application/x-httpd-ea-php74 .php .php7 .phtml
</IfModule>
# php -- END cPanel-generated handler, do not edit
